Introduction
PowerApps is one of the best tools for creating low code - no code applications. It provides a tool where end users can create applications without any knowledge of coding. This tool is becoming more popular day by day as we can create good-looking applications without writing a single line of code.
But with this power, there can be situations where end-users keep on creating applications for testing which could be painful for the Administrator who looks after all the applications in PowerApps.
In this blog, we will understand two things
- Extracting all the PowerApps in Tenant
- Provide Access to specific PowerApp to a particular user
Let us check how we can list all the Power Apps present in the tenant.
Step 1
We will use PowerShell to generate a CSV file that would contain all the PowerApps in the Tenant. To achieve this let us Install the Power Apps Administration PowerShell module using the below command. This module is very helpful for all administration-related tasks for all PowerPlatform related activities.
Install-Module -Name Microsoft.PowerApps.Administration.PowerShell
Step 2
Once the module is installed we can now run the below command to extract all the PowerApps in the Tenant. We need to login with the account which has Tenant admin or would have admin rights for PowerPlatform. This will help extract all the required data.
Use the below command,
$allTenantPowerApps = Get-AdminPowerApp
$allTenantPowerApps | select AppName,DisplayName,CreatedTime,LastModifiedTime,EnvironmentName | Export-Csv -path c:\temp\allTenantPowerApps.csv
Note
Please change the path as per your required destination for the file.
This command will open a window (as displayed in the image below) to login to the tenant where we should use tenant admin credentials to fetch all the Power Automate in the environment.
Outcome
The final file which will get generate would look as displayed in the image below which would contain the specified columns.
Now let us see how we can provide access to a particular user to a PowerApp.
To provide access to the user or group we can use the below command but it would require the below parameters.
PrincipalObjectId
We would require to provide the GUID of the user or group (Can be fetched by running the graph API for user / From Azure AD users section where we get the value from the field name Object ID).
AppName
GUID of the PowerApp we can fetch this value from the above excel which we generated.
RoleName
This can take values from CanEdit, CanView, CanViewWithShare as the values and would provide that level of access.
Below is the command which would help us provide the access.
Set-AdminPowerAppRoleAssignment -PrincipalType User -PrincipalObjectId 24664b77-c1c8-4fc8-8a47-dfb149781236 -RoleName CanEdit -AppName eff1dbc3-2b8b-4f96-be6a-8adfc2449624 -EnvironmentName default-52d05dd6-9e21-494f-8502-77658dbe16b8
For this example, I have created an App where my user was not having access but after running the above code I got access to the code as displayed in the image below,
Outcome
Conclusion
Administration activities become very easy by using Microsoft.PowerApps.Administration.PowerShell Module for all the PowerPlatform related activities. Complex activities can be completed by just running a single line of code.